david / 3.3.1 last updated a year ago created on Jan 27th 2013


npm install --save david


git clone git@github.com:alanshaw/david.git

dependencies show all 155

main async 0.9.0 MIT
npm 1.4.21 Artistic 2.0
semver 3.0.1 BSD 4-Clause
optimist 0.6.1 MIT


alanshaw alanshaw

versions 38 total

3.3.1 a year ago alanshaw
3.3.0 a year ago alanshaw
3.2.0 a year ago alanshaw
3.1.0 2 years ago alanshaw
3.0.0 2 years ago alanshaw
2.4.1 2 years ago alanshaw
2.4.0 2 years ago alanshaw
2.3.1 2 years ago alanshaw
2.3.0 2 years ago alanshaw
2.2.0 2 years ago alanshaw
2.1.3 2 years ago alanshaw
2.1.2 2 years ago alanshaw
2.1.1 2 years ago alanshaw
2.1.0 2 years ago alanshaw
2.0.0 2 years ago alanshaw
1.9.1 2 years ago alanshaw
1.9.0 2 years ago alanshaw
1.8.1 2 years ago alanshaw
1.8.0 2 years ago alanshaw
1.7.3 2 years ago alanshaw
1.7.2 2 years ago alanshaw
1.7.1 2 years ago alanshaw
1.7.0 2 years ago alanshaw
1.6.1 3 years ago alanshaw
1.6.0 3 years ago alanshaw
1.5.0 3 years ago alanshaw
1.4.1 3 years ago alanshaw
1.4.0 3 years ago alanshaw
1.3.0 3 years ago alanshaw
1.2.1 3 years ago alanshaw
1.2.0 3 years ago alanshaw
1.1.2 3 years ago alanshaw
1.1.1 3 years ago alanshaw
1.1.0 3 years ago alanshaw
1.0.0 3 years ago alanshaw
0.0.3 3 years ago alanshaw
0.0.2 3 years ago alanshaw
0.0.1 3 years ago alanshaw
98 Downloads yesterday.



Build Status Coverage Status Dependency Status devDependency Status Donate to help support David development

Node.js module that tells you when your package NPM dependencies are out of date.

Getting Started

Install Node.js.

Install david:

cd /your/project/directory
npm install david


var david = require('david');

// Your package.json
var manifest = {
  name: 'xxx',
  dependencies: {
    'aaa': '~0.0.0',
    'bbb': '~0.0.0'
  devDependencies: {
    'yyy': '~0.0.0',
    'zzz': '~0.0.0'

david.getDependencies(manifest, function (er, deps) {
  console.log('latest dependencies information for', manifest.name);

david.getDependencies(manifest, { dev: true }, function (er, deps) {
  console.log('latest devDependencies information for', manifest.name);

david.getUpdatedDependencies(manifest, function (er, deps) {
  console.log('dependencies with newer versions for', manifest.name);

david.getUpdatedDependencies(manifest, { dev: true }, function (er, deps) {
  console.log('devDependencies with newer versions for', manifest.name);

david.getUpdatedDependencies(manifest, { stable: true }, function (er, deps) {
  console.log('dependencies with newer STABLE versions for', manifest.name);

david.getUpdatedDependencies(manifest, { dev: true, stable: true }, function (er, deps) {
  console.log('devDependencies with newer STABLE versions for', manifest.name);

function listDependencies(deps) {
  Object.keys(deps).forEach(function(depName) {
    var required = deps[depName].required || '*';
    var stable = deps[depName].stable || 'None';
    var latest = deps[depName].latest;
    console.log('%s Required: %s Stable: %s Latest: %s', depName, required, stable, latest);

Both getDependencies and getUpdatedDependencies return an object result, whose keys are package names. The values are objects which contain the following properties:

  • required - The version required according to the manifest
  • stable - The latest stable version available
  • latest - The latest version available (including build and patch versions)


If you install David globally with npm install -g david, you can run david in your project directory to see which dependencies are out of date.

You can also run david --global to see your outdated global dependencies.

Update to latest

To update all your project dependencies to the latest stable versions, and save to your package.json, run:

david update

You can also update global dependencies to latest versions:

david update --global

To update all your project dependencies to the latest versions (including unstable versions), pass the --unstable flag:

david update --unstable

Use an alternate reigstry:

david update --registry http://registry.nodejitsu.com/

Release History

  • 2014-06-02   v3.3.0   CLI Add --warn404 option to print errors but not abort
  • 2014-03-11   v3.1.0   CLI Add -r, --registry option to use alternate npm registry
  • 2014-03-06   v3.0.0   Errors occurring whilst retrieving dependency status doesn't halt processing of other dependencies. An error object will be returned as first arg to callback, but status info for remaining dependencies will still be available (as second arg). CLI now uses loose semver version parsing. Also update npm dependency so david update uses "^" as per https://github.com/npm/npm/issues/4587
  • 2013-10-27   v2.4.0   Removes semverext.js. The gtr function is now available in semver
  • 2013-10-08   v2.3.0   Support update specific modules from CLI via david update [module]
  • 2013-10-01   v2.2.0   Support for optionalDependencies and peerDependencies
  • 2013-09-16   v2.1.0   Fixed issues with latest/stable version detection
  • 2013-08-25   v2.0.0   Simplification refactor to remove caching and useless events. Code style changes, performance improvements.
  • 2013-08-04   v1.9.0   CLI added --unstable flag to view/update to latest unstable dependency versions
  • 2013-07-30   v1.8.0   CLI added david update to update dependencies to latest stable versions and save to your project package.json
  • 2013-06-27   v1.7.0   Updated to use semver 2 module. Simplified code that determines if a version is greater than a range
  • 2013-03-28   v1.6.0   Use setImmediate instead of process.nextTick. David now requires Node.js 0.10.x
  • 2013-03-27   v1.5.0   CLI added --global flag to find outdated global dependencies
  • 2013-03-15   v1.4.0   Allow set the maximum number of dependencies that can be stored in the cache
  • 2013-03-14   v1.3.0   Added CLI support
  • 2013-03-05   v1.2.0   David can now get dependency information for devDependencies
  • 2013-02-07   v1.1.0   Adds onlyStable param to getUpdatedDependencies to filter by dependencies that are updated and stable
  • 2013-02-06   v1.0.0   Return latest stable version as well as latest version (including patch and build versions). API return values changed. Events changed.
Resolving all dependencies.. This could take a while as our cache is not yet fully warmed up.